Lighting a match in the dark web

Tag Archives: Deep Web Links

Given that there are some disturbing things on the dark web, I could see how it would be easy to believe in the mythological stuff as well – and I know I’ll never convince everyone otherwise.

Still, I thought I’d take another trek onto Tor and see if I could find a few of these sites, in order to analyze their claims. Hopefully, no one else comes after me! (wink)

The Red Rooms of Pain

So, there are a plethora of sites on Tor that claim to be red rooms, as I’ve said on other posts. I’ve received a lot of comments saying that I’m incorrect about this, but if that’s the case, I want you to prove it to me!

The first few of these that I clicked on resulted in the ubiquitous “…connection has timed out” message. You know, like this one:

Well, that’s Tor for you! I have heard the conjecture before that red rooms will stick around briefly, and then the operators will just “close up shop” and move to a different link, but that seems only partially true.

Finally, after exploring a little while, I did find one red room site that “worked,” so to speak:

Of course, I didn’t join, nor did I contact them. All the other ones I’ve come across recently look the same, or similar, which is one of the reasons I believe that these are all fake. They look as though they could’ve been made very quickly and easily, and setting up a Tor hidden service, in the grand scheme of things, is not that difficult. Anyway, if you click “join,” the second page looks like this:

One of the things that makes me curious is that on the second page, it reads:

If you click that, it takes you to a “payment” page where, supposedly, if you pay 0.005 BTC, you can download a video of the previous show. (I’m highly dubious about this.)

If one of you feels comfortable paying this and downloading the video, go ahead – but as I’ve said before, you’re taking a chance of downloading malware or simply losing your bitcoin. I’m not willing to do either, to be honest.

Oh, But Wait a Moment…

On the other hand, someone I talked to recently questioned my belief about the non-existence of red rooms. He also seemed to be someone who was knowledgeable about these sorts of things (e.g. darknets and online crime).

I don’t know this person well, but he asked if I had come across any sites on Tor that looked vague and mysterious, and required a username and password to enter. In fact, I have, many times.

A few of these sites did not even say what they were about; they simply had a login page. Most of these I found by hunting around – they weren’t catalogued in the popular link lists (such as The Hidden Wiki, for instance).

When I visited the sites, they looked somewhat like this:

There were no other details or descriptions, simply a login form like that. Of course, I was very curious as to what these sites could be. The person I was talking to suggested that these sites could be red rooms. He also suggested that streaming video over Tor isn’t as difficult as people make it out to be. (Hmm…)

As I mentioned on PsychoTube: The YouTube of Tor?, it is possible to watch videos over the network, but I haven’t tried streaming anything live. Maybe it would be a good experiment for someone to try (albeit without the murder part). Granted, I don’t have proof that the above sites were red rooms, but I do have to wonder why they were so secretive.

They may also have been similar to Dark0de, which was a former cybercrime forum. I encountered its Tor hidden service early on in my dark web “travels.” Their login page, likewise, looked very vague and nondescript:

So…what’s your take on this, readers? Are some of these “mysterious” sites actually red rooms? Or are they just boring forums and chat rooms?

Based on the comments I get, I’ve become aware of how much people love to see so-called “dark web links” on here. For that reason, I’ve done a little exploration and found some new ones.

Note to my readers: if you have requests for certain types of links, let me know. I can try to find some, but I can’t guarantee that I’ll come across the ones that you want. Honestly, some of the things that people are looking for (in my experience) just don’t exist.

Those of you who love “links, links, links!” will be happy to know that there’s a very new search engine on Tor called Flare, which looks similar to Candle, another search engine. It’s at this URL: http://dlggj2krbqzm5dru.onion. Honestly, this was the first thing I pictured when I heard the name:

Anyhow, Candle, as I mentioned on a previous post, is one of several search engines that indexes Tor hidden services. It’s not quite as popular as not Evil or Grams [EDIT: Grams no longer exists], but it gets the job done.

Flare, in turn, is very similar (in fact it may even be a fork), but because it’s in beta form, it still needs help with its algorithms and speed. One interesting (and somewhat disturbing) feature that it has, at present, is that it lists some previous searches done by other users to the right of the search results.

Being aware that a lot of people on the dark web are looking for CP, you can guess what kinds of search terms may show up there. Well, it’s Tor – what did I expect? I just wouldn’t want to meet any of these people in person.

Anyhow, the more that you use a particular search term, the faster it will come up in the future. I tried out the following searches:

“red room”

“hacking”

“dark”

“market”

“carding”

I believe I tried a few others too, but I don’t recall. Compared to a search engine like not Evil, it doesn’t get as many results, but like Candle, Flare seems more focused on getting relevant results, rather than the largest number.

Interestingly, out of the search terms above, “market” returned the most results, by far. Should I really be surprised by that? The first result was a site called “Counterfeit USD,” at this link: http://qkj4drtgvpm7eecl.onion

Seems legit.

I haven’t tried out their services, but my first instinct was that it’s a scam, because other sites like it have turned out to be scams. Speaking of which, Flare also has a “Scam: true or false” label beneath the search results. However, simply because a page is labeled “false” does not necessarily mean that it’s the real thing. I’ve been on the dark web long enough that I’ve started assuming that everything is a scam (or almost everything).

That aside, I like the search engine so far, and I recommend trying it out. Perhaps, if more people start using it, it will improve.

Hey, maybe you could even get your site indexed on it! (Hopefully not the scam version.)

I’ve noticed that quite a few people recommend The Hidden Wiki as a “starting point” for using Tor.

While it does have some good general information about Tor (and darknets in general), most of the links that it features are scams – at least the financial ones, or anything that you would have to pay money to use. Though I don’t suggest using it, I’ll link to it anyway, just so you can see what I mean: http://zqktlwi4fecvo6ri.onion

This probably goes without saying for people who have been using Tor for a reasonable amount of time, but for those new to the dark web, it seems like a lure to ensnare people unfamiliar with it.

Granted, some of the links are innocuous – you’ll see things like the search engines, and some of the “library sites” like the Imperial Library of Trantor. On the other hand, there are quite a few sites that promise things like “bitcoin doubling,” “free drugs,” etc. – these are all scams.

So…if you don’t use the Hidden Wiki, what should you use?

Well, as I’d mentioned in several earlier posts, there are a few Tor search engines that are good:

Of course, these sites, too, may have scam links on them, but they’re at least mixed in with other things. And for whatever reason, I also find them to be more interesting than the Hidden Wiki – whether that’s because they have better links, or just look creepier, I can’t say. Nevertheless, I have found a lot of the interesting sites I discuss on these alternate link sites and search engines.

Besides these, if you’re just looking for a group of people on the clearnet who hunt down onion links like you do, I’d suggest the subreddit /r/onions: Things That Make You Cry. They’re a pretty cool group of folks.

As for me, I’ll make an effort to include more onion sites in some of my future posts. Have fun checking out some of the ones I’ve shared here, in the meantime!

I suppose I should be expecting this by now, but there’s an enormous amount of misinformation about the deep web/dark web floating around. That’s the internet for you, right?

I bring this up because someone recently messaged me and said, “I clicked on a deep web site – am I in trouble??” (Surely I’m not the first to experience this.) So I talked to the guy for awhile, and as it turned out, the site he was referring to wasn’t a Tor site at all – it was just a site on Internet Archive: Wayback Machine, which keeps archives of old websites from the ’90s and early ’00s. One of them is this one:

Let me just get it all out there: visiting sites on there is perfectly fine; you won’t get in any trouble. Some of the sites may be creepy, but they are in no way related to the dark web. For those who don’t know anything about either the terms “deep web” or “dark web,” let me try to help out.

According to Wikipedia:

The deep web, invisible web, or hidden web are parts of the World Wide Web whose contents are not indexed by standard search engines for any reason. The opposite term to the deep web is the surface web. The deep web includes many very common uses such as web mail, online banking, but also paid for services with a paywall such as video on demand, and many more.

And as for the term “dark web”:

The dark web is the World Wide Web content that exists on darknets, overlay networks which use the public internet but which require specific software, configurations or authorization to access. The dark web forms a small part of the deep web, the part of the Web not indexed by search engines, although sometimes the term “deep web” is mistakenly used to refer specifically to the dark web.

Confused still? This is why I consistently say “dark web” when I’m referring to sites on Tor, I2P, Freenet, etc. The word “dark” doesn’t refer to the fact that it’s disturbing content, but the fact that it’s hidden or encrypted. The opposite term to the dark web is “clearnet” (the sites which don’t require any special configurations to access).

Granted, sites like The Hidden Wiki show only a small sample of Tor links (most of which are scams, by the way!). They are a part of the dark web, though (regardless of their content).

If you’re looking for a site that offers a lot more links (once you’re connected to Tor), then go to Harry71’s Onion Spider. I’m sure there are scams on here, but the site is at least updated daily, and has a lot of different links.

What people may be looking for is more secretive or disturbing content, which may or may not exist. Trust me – you aren’t going to find the secret to immortality on the dark web. If that sort of thing can’t be found on the clearnet, it won’t be found on the dark web either!

And as for the “deep web horror stories” on YouTube, most (if not all) of them are bullshit. How do I know this? Because the technical details are wrong. Many of them talk about live-streaming video over Tor, which is near-impossible. Nonetheless, I still find them entertaining.

I’ll tell you what, though – I have noticed that there are sites not listed in any of the link repositories or wikis, which sometimes have darker content, or are very exclusive sites (e.g. a members-only hacking forum that requires a referral from existing members). I’m not saying this to make your imagination run wild, but it’s something I have come across.

Beyond that, I’d say that the only sure way to learn how to discern fake sites from real ones, and myths from facts, is to visit the dark web yourself, and learn the ropes. There’s only so much information you can get from blogs and articles. The downside is that you may get screwed over in the process. A good rule of thumb is: if it looks sketchy, it probably is!

Ah, the legend continues! I’ve done several posts about the so-called “red rooms” that may or may not exist on the dark web, and it’s been an interesting process. (I’m leaning toward not, by the way.) For the newcomers, here are the previous entries:

In the process, I’ve become more and more convinced that it would be extremely difficult, if not impossible, to host something like a red room on the dark web (Tor in particular). Not only is livestreaming very difficult due to latency problems, but you would also have the problem of something like a live murder leaving behind evidence for law enforcement.

Nonetheless, in my research process, I’ve continued looking for sites that are labeled as red rooms, or sell themselves on the premise of being a red room. I have come across several of those while hunting, and most seem to be scams.

Red Room #12589903

The alleged “red room” site.

Most recently, I found yet another site with a similar premise, located at http://5xcds7yhgisfm6mu.onion/. As you can see from the screenshot, it’s rather basic looking and gives very few details. You had to contact them to get any other information.

Once again, out of curiosity, I contacted the site owner (or whomever) via the email address that was listed, and sent a PGP-encrypted message asking how to sign up. He sent me back a PGP-encrypted message with details on what I had to do, and how much I had to pay, etc.

Now, here is the creepy part: the person who responded actually knew my real name. That was enough to freak me out, at least a little bit. I didn’t ask, but I was also concerned if he had any of my other personal information.

(Later, when he found out I was blogging about him, he spewed out a list of other personal info, like my wife’s name, the city I lived in, and several places that I frequent. But you could honestly find those just by Googling me.)

His response to my first question, like most of the others, was that I had to pay 2.0 bitcoin (a.k.a. $1344.80) to gain access, and then to actually be the “master” of the show, I had to win an auction (similar to most of the other supposed red room sites).

Once you paid, supposedly, you would be given a username and password to simply access the site. (You could only access the landing page without it.)

Invasion of Privacy??

So my question was – where did the guy get my name from? Well, without asking directly, I had several theories.

When I had used my PGP key on the message I sent initially, it’s possible that my name was encoded into it somehow. I actually find that less disturbing than some of the alternatives.

Beyond that, I combed through my system with various anti-malware tools, and came up with a few troubling findings. One of them was a type of trojan (whose name I forget at the moment) that is specifically designed to steal login credentials and personal information.

I was able to remove it, but the question still remained – was that what gave away my name? I still don’t know for certain, and I would feel more comfortable if I did.

Moral of the Story…

So what have I learned from this? I need to be more careful about whom I correspond with on the dark web, and when I do so, it’s imperative that I have all privacy and security protocols in place, and don’t do anything idiotic. (Insert “I told you so” here.)

In the meantime, I’m still finding the process enjoyable, and believe it or not, I have learned a few things from my mistakes.